Slider Pro Security & Risk Analysis

wordpress.org/plugins/sliderpro

Slider Pro is a responsive slider plugin that offers Premium features for FREE, including animated layers, post content, full width layout and more.

4K active installs v4.8.13 PHP + WP 4.0+ Updated Dec 23, 2025
Tags: content-slider, post-slider, responsive-slider, slider, touch-slider
Score 100 · A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Sep 5, 2023
Safety Verdict

Is Slider Pro Safe to Use in 2026?

Generally Safe

Score 100/100

Slider Pro has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Sep 5, 2023 · Updated 3mo ago
Risk Assessment

Slider Pro v4.8.13 presents a mixed security posture. The plugin demonstrates some good security practices, such as a high percentage of SQL queries using prepared statements and a good rate of output escaping, but the static analysis raises several significant concerns. A substantial attack surface exists, with 20 out of 40 entry points lacking authentication checks, including AJAX handlers and a REST API route. The presence of an 'unserialize' call, a known risk if used with untrusted input, is a red flag. Furthermore, 5 high-severity taint flows with unsanitized paths indicate potential vulnerabilities that could be exploited by attackers, even though no critical-severity taint flows were reported.

Key Concerns

  • AJAX handlers without auth checks
  • REST API route without permission callback
  • High severity taint flows with unsanitized paths
  • Dangerous 'unserialize' function found
  • Medium severity CVE history
Vulnerabilities
1

Slider Pro Security Vulnerabilities

CVEs by Year

1 CVE in 2023

Severity Breakdown

Medium: 1

1 total CVE

CVE-2023-41865 · medium · 4.3 · Missing Authorization

Slider Pro <= 4.8.6 - Missing Authorization via AJAX actions

Sep 5, 2023 Patched in 4.8.7 (140d)
Code Analysis
Analyzed Mar 16, 2026

Slider Pro Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 10 (20 prepared)
Unescaped Output: 111 (407 escaped)
Nonce Checks: 17
Capability Checks: 12
File Operations: 0
External Requests: 4
Bundled Libraries: 0

Dangerous Functions Found

unserialize: $parsed_response = unserialize( $response ); (includes\class-flickr.php:38)

SQL Query Safety

67% prepared · 30 total queries

Output Escaping

79% escaped · 518 total outputs
Data Flows
8 unsanitized

Data Flow Analysis

12 flows · 8 with unsanitized paths
ajax_preview_slider (admin\class-sliderpro-admin.php:641)
Attack Surface
20 unprotected

Slider Pro Attack Surface

Entry Points: 40
Unprotected: 20

AJAX Handlers 35

auth wp_ajax_sliderpro_load_add_on_more_details admin\class-sliderpro-add-ons.php:106
auth wp_ajax_sliderpro_load_install_add_on admin\class-sliderpro-add-ons.php:107
auth wp_ajax_sliderpro_load_edit_add_on_license_key admin\class-sliderpro-add-ons.php:108
auth wp_ajax_sliderpro_verify_add_on_license_key admin\class-sliderpro-add-ons.php:109
auth wp_ajax_sliderpro_install_add_on admin\class-sliderpro-add-ons.php:110
auth wp_ajax_sliderpro_activate_add_on admin\class-sliderpro-add-ons.php:111
auth wp_ajax_sliderpro_deactivate_add_on admin\class-sliderpro-add-ons.php:112
auth wp_ajax_sliderpro_get_slider_data admin\class-sliderpro-admin.php:60
auth wp_ajax_sliderpro_save_slider admin\class-sliderpro-admin.php:61
auth wp_ajax_sliderpro_preview_slider admin\class-sliderpro-admin.php:62
auth wp_ajax_sliderpro_update_presets admin\class-sliderpro-admin.php:63
auth wp_ajax_sliderpro_get_preset_settings admin\class-sliderpro-admin.php:64
auth wp_ajax_sliderpro_get_breakpoints_preset admin\class-sliderpro-admin.php:65
auth wp_ajax_sliderpro_delete_slider admin\class-sliderpro-admin.php:66
auth wp_ajax_sliderpro_duplicate_slider admin\class-sliderpro-admin.php:67
auth wp_ajax_sliderpro_export_slider admin\class-sliderpro-admin.php:68
auth wp_ajax_sliderpro_import_slider admin\class-sliderpro-admin.php:69
auth wp_ajax_sliderpro_add_slides admin\class-sliderpro-admin.php:70
auth wp_ajax_sliderpro_load_main_image_editor admin\class-sliderpro-admin.php:71
auth wp_ajax_sliderpro_load_thumbnail_editor admin\class-sliderpro-admin.php:72
auth wp_ajax_sliderpro_load_caption_editor admin\class-sliderpro-admin.php:73
auth wp_ajax_sliderpro_load_html_editor admin\class-sliderpro-admin.php:74
auth wp_ajax_sliderpro_load_layers_editor admin\class-sliderpro-admin.php:75
auth wp_ajax_sliderpro_add_layer_settings admin\class-sliderpro-admin.php:76
auth wp_ajax_sliderpro_load_settings_editor admin\class-sliderpro-admin.php:77
auth wp_ajax_sliderpro_load_content_type_settings admin\class-sliderpro-admin.php:78
auth wp_ajax_sliderpro_add_breakpoint admin\class-sliderpro-admin.php:79
auth wp_ajax_sliderpro_add_breakpoint_setting admin\class-sliderpro-admin.php:80
auth wp_ajax_sliderpro_get_taxonomies admin\class-sliderpro-admin.php:81
auth wp_ajax_sliderpro_clear_all_cache admin\class-sliderpro-admin.php:82
auth wp_ajax_sliderpro_close_getting_started admin\class-sliderpro-admin.php:83
auth wp_ajax_sliderpro_close_image_size_warning admin\class-sliderpro-admin.php:84
auth wp_ajax_sliderpro_close_custom_css_js_warning admin\class-sliderpro-admin.php:85
auth wp_ajax_sliderpro_load_lightbox_slider public\class-lightbox-slider.php:48
nopriv wp_ajax_sliderpro_load_lightbox_slider public\class-lightbox-slider.php:49

REST API Routes 1

GET /wp-json/sliderpro/v1/sliders gutenberg\class-sliderpro-block.php:56

Shortcodes 4

[sliderpro_lightbox] public\class-lightbox-slider.php:51
[sliderpro] public\class-sliderpro.php:98
[sliderpro_slide] public\class-sliderpro.php:99
[sliderpro_slide_element] public\class-sliderpro.php:100

WordPress Hooks 25

action admin_enqueue_scripts admin\class-sliderpro-add-ons.php:100
action admin_enqueue_scripts admin\class-sliderpro-add-ons.php:101
action sliderpro_admin_menu admin\class-sliderpro-add-ons.php:104
action admin_enqueue_scripts admin\class-sliderpro-admin.php:55
action admin_enqueue_scripts admin\class-sliderpro-admin.php:56
action admin_menu admin\class-sliderpro-admin.php:58
action init gutenberg\class-sliderpro-block.php:24
action rest_api_init gutenberg\class-sliderpro-block.php:55
filter post_gallery includes\class-hideable-gallery.php:21
action wpmu_new_blog includes\class-sliderpro-activation.php:26
action init public\class-sliderpro.php:85
action wp_enqueue_scripts public\class-sliderpro.php:88
action wp_enqueue_scripts public\class-sliderpro.php:89
action wp_enqueue_scripts public\class-sliderpro.php:92
action wp_footer public\class-sliderpro.php:93
action wp_print_footer_scripts public\class-sliderpro.php:95
action plugins_loaded sliderpro.php:46
action plugins_loaded sliderpro.php:47
action plugins_loaded sliderpro.php:48
action plugins_loaded sliderpro.php:49
action widgets_init sliderpro.php:52
action plugins_loaded sliderpro.php:56
action plugins_loaded sliderpro.php:64
action plugins_loaded sliderpro.php:65
action admin_init sliderpro.php:66
Maintenance & Trust

Slider Pro Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 23, 2025
PHP min version
Downloads: 65K

Community Trust

Rating: 100/100
Number of ratings: 12
Active installs: 4K
Developer Profile

Slider Pro Developer Profile

bqworks

3 plugins · 6K total installs

Trust score: 87
Avg Security Score: 99/100
Avg Patch Time: 78 days
Detection Fingerprints

How We Detect Slider Pro

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/sliderpro/admin/assets/css/sliderpro-add-ons.css
/wp-content/plugins/sliderpro/admin/assets/css/sliderpro-add-ons.min.css
/wp-content/plugins/sliderpro/admin/assets/js/sliderpro-add-ons.js
/wp-content/plugins/sliderpro/admin/assets/js/sliderpro-add-ons.min.js
/wp-content/plugins/sliderpro/public/css/sliderpro.css
/wp-content/plugins/sliderpro/public/css/sliderpro.min.css
/wp-content/plugins/sliderpro/public/js/sliderpro.js
/wp-content/plugins/sliderpro/public/js/sliderpro.min.js
Script Paths
/wp-content/plugins/sliderpro/admin/assets/js/sliderpro-add-ons.js
/wp-content/plugins/sliderpro/admin/assets/js/sliderpro-add-ons.min.js
/wp-content/plugins/sliderpro/public/js/sliderpro.js
/wp-content/plugins/sliderpro/public/js/sliderpro.min.js
Version Parameters
sliderpro-add-ons-admin-style, sliderpro-add-ons-admin-script, sliderpro-style, sliderpro-script

HTML / DOM Fingerprints

CSS Classes
sliderpro, sp-container, sp-slides-container, sp-wrapper, sp-slides, sp-slide, sp-video, sp-slide-layers, +25 more
HTML Comments
<!-- SliderPro --> <!-- SliderPro Core JavaScript --> <!-- SliderPro Core CSS -->
Data Attributes
data-sliderpro-id, data-sliderpro-settings
JS Globals
SliderPro
Shortcode Output
[sliderpro, [slider_pro